Fixlet Site - PatchesforSUSELinuxEnterprise
Current Version: 215	Published: Thu, 30 Apr 2009 00:02:09  GMT

New Fixlets:
============

***************************************************************
Title: PATCH-12395 - Security update for KDE PIM 3 packages - SLES9
Severity: <Unspecified>
Fixlet ID: 1239501
Fixlet Link: http://download.novell.com/Download?buildid=RNbvG8-Wdcw~

Fixlet Description: This update fixes a security issue with KMail where links in mails were executed without confirmation. Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12396 - Security update for CUPS - SLES9
Severity: <Unspecified>
Fixlet ID: 1239601
Fixlet Link: http://download.novell.com/Download?buildid=YB4tfOatjio~

Fixlet Description: The following bugs have been fixed:   Specially crafted tiff files could cause an integer overflow in the 'imagetops' filter (CVE-2009-0163). Specially crafted pdf files could cause overflows in the 'pdftops' filter (CVE-2009-0165, CVE-2009-0166, CVE-2009-0146, CVE-2009-0147, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12397 - Security update for OpenSSL - SLES9
Severity: <Unspecified>
Fixlet ID: 1239701
Fixlet Link: http://download.novell.com/Download?buildid=bKywZY8hVb0~

Fixlet Description: This update of OpenSSL fixes the following problems:   CVE-2009-0590: ASN1_STRING_print_ex() function allows remote denial of service CVE-2009-0789: denial of service due to malformed ASN.1 structures Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-12402 - Security update for ClamAV - SLES9
Severity: <Unspecified>
Fixlet ID: 1240201
Fixlet Link: http://download.novell.com/Download?buildid=hfCP2jYaMFI~

Fixlet Description: This clamav version upgrade to 0.95.1 fixes a buffer overflow error in the cli_url_canon() function (CVE-2009-1372) and a denial of service condition occuring while parsing malformed UPack archives (CVE-2009-1371). Please update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9031601 - Security update for NetworkManager - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 903160102
Fixlet Link: http://download.novell.com/Download?buildid=415KfVZLO0Y~

Fixlet Description: The NetworkManager configuration was too permissive and allowed any user to read secrets (CVE-2009-0365) or manipulate the configuration of other users (CVE-2009-0578). Everyone using NetworkManager should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9031603 - Security update for NetworkManager-gnome - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 903160302
Fixlet Link: http://download.novell.com/Download?buildid=67gCzW-XvUw~

Fixlet Description: The NetworkManager configuration was too permissive and allowed any user to read secrets (CVE-2009-0365) or manipulate the configuration of other users (CVE-2009-0578). Everyone using NetworkManager should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9031603 - Dependencies Needed - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 903160303
Fixlet Link: http://download.novell.com/Download?buildid=67gCzW-XvUw~

Fixlet Description: An updated NetworkManager-gnome package is now available for SuSE Linux Enterprise 10. However, this packages has a dependency that must be resolved. The following package must be installed at the specified version or greater:  NetworkManager-0.6.6-0.14.i586.rpm

***************************************************************
Title: PATCH-B9042701 - Security update for evolution-data-server - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 904270103
Fixlet Link: http://download.novell.com/Download?buildid=VBKn5fojoCw~

Fixlet Description: camel's NTLM SASL authentication mechanism as used by evolution did not properly validate server's challenge packets (CVE-2009-0582). Every user of Evolution should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9042701 - Security update for evolution-data-server - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 904270105
Fixlet Link: http://download.novell.com/Download?buildid=MFa017TWZNQ~

Fixlet Description: camel's NTLM SASL authentication mechanism as used by evolution did not properly validate server's challenge packets (CVE-2009-0582). Every user of Evolution should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9042801 - Security update for compat-openssl097g - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 904280101
Fixlet Link: http://download.novell.com/Download?buildid=uqz50dKM-zs~

Fixlet Description: This update of openssl fixes the following problems:     CVE-2009-0590: ASN1_STRING_print_ex() function allows remote denial of service  CVE-2009-0789: denial of service due to malformed ASN.1 structures Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9042801 - Security update for compat-openssl097g - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 904280103
Fixlet Link: http://download.novell.com/Download?buildid=97aXpAkSzvQ~

Fixlet Description: This update of openssl fixes the following problems:     CVE-2009-0590: ASN1_STRING_print_ex() function allows remote denial of service  CVE-2009-0789: denial of service due to malformed ASN.1 structures Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9042802 - Security update for OpenSSL - SLED10 SP2
Severity: <Unspecified>
Fixlet ID: 904280201
Fixlet Link: http://download.novell.com/Download?buildid=8ZcIF4oXT8s~

Fixlet Description: This update of OpenSSL fixes the following problems:     CVE-2009-0590: ASN1_STRING_print_ex() function allows remote denial of service  CVE-2009-0789: denial of service due to malformed ASN.1 structures Everyone should update. Please see patch page for more detailed information.

***************************************************************
Title: PATCH-B9042802 - Security update for OpenSSL - SLES10 SP2
Severity: <Unspecified>
Fixlet ID: 904280203
Fixlet Link: http://download.novell.com/Download?buildid=R9o80uSohII~

Fixlet Description: This update of OpenSSL fixes the following problems:     CVE-2009-0590: ASN1_STRING_print_ex() function allows remote denial of service  CVE-2009-0789: denial of service due to malformed ASN.1 structures Everyone should update. Please see patch page for more detailed information.